US20120213361A1 - Systems and methods for device and data authentication - Google Patents


Info

Publication number
US20120213361A1
Authority
US
United States
Prior art keywords
data
authentication
slave
host
key
Prior art date
Legal status
Granted
Application number
US13/185,825
Other versions
US8630411B2 (en)
Inventor
Cheow Guan Lim
Stephan Schaecher
Wieland Fischer
Bernd Meyer
Current Assignee
Infineon Technologies AG
Original Assignee
Infineon Technologies AG
Priority date
Filing date
Publication date
Priority to US13/185,825 (US8630411B2)
Application filed by Infineon Technologies AG
Assigned to Infineon Technologies AG; assignors: Lim, Cheow Guan; Meyer, Bernd; Fischer, Wieland; Schaecher, Stephan (assignment of assignors' interest, see document for details)
Priority to DE102012202420.4A (DE102012202420B4)
Priority to CN201210036275.1A (CN102647276B)
Priority to CN201510776517.4A (CN105262595B)
Publication of US20120213361A1
Priority to US14/152,298 (US9407618B2)
Priority to US14/152,227 (US9450933B2)
Publication of US8630411B2
Application granted
Legal status: Active
Anticipated expiration

Classifications

    • H ELECTRICITY > H04 ELECTRIC COMMUNICATION TECHNIQUE > H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
        • H04L63/04 ... for providing a confidential data exchange among entities communicating through data packet networks
            • H04L63/0428 ... wherein the data content is protected, e.g. by encrypting or encapsulating the payload
        • H04L63/08 ... for authentication of entities
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
        • H04L9/30 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
            • H04L9/3066 ... involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
        • H04L9/32 ... including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
            • H04L9/3226 ... using a predetermined code, e.g. password, passphrase or PIN
                • H04L9/3231 Biological data, e.g. fingerprint, voice or retina
            • H04L9/3236 ... using cryptographic hash functions
                • H04L9/3242 ... involving keyed hash functions, e.g. message authentication codes [MACs], CBC-MAC or HMAC
            • H04L9/3271 ... using challenge-response
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
        • H04L2209/88 Medical equipments

Definitions

  • the invention relates generally to authentication in electronic devices and more particularly to providing both device and data authentication at the same time.
  • Modern anti-counterfeiting techniques generally can be divided into two classes, namely methods that exploit specific physical properties related to the items to be protected and methods that are based on digital techniques. Typically, these latter methods rely on properties of cryptographic algorithms.
  • the properties to be verified are either features of the item itself (e.g. surface structure) or are technically connected to the item in an irremovable way. Examples include holograms, seals, security labels, water marks, micro marks, chemical marks, special papers and reproduction techniques, fluorescent colors, laser engravings, special coatings and paints, and many more. Methods for marking products or packages rely on special manufacturing steps or special materials that are not commonly available and require highly sophisticated technical production and handling capabilities.
  • the general philosophy behind physical property-based anti-counterfeiting techniques is that there is a substantial and sufficiently large technological gap between the producer of the security mark and the attacker.
  • cryptographic methods gain their security only from the secrecy of key material and do not rely on the belief that the manufacturer is technologically superior to the attacker.
  • the level of protection offered by cryptographic schemes depends mainly on the length of the secret keys involved and can easily be scaled such that any straight-forward attack becomes impossible.
  • Authenticity of data can be achieved by algorithms for generation and verification of message authentication codes and digital signatures. These algorithms prevent the creation of data for counterfeit products, but they cannot protect against the copying and cloning of valid authentication data of genuine products.
  • the authenticity of the item needs to be checked. Therefore, it is typically necessary for the authentication data to be bound to a physical object like a smart card or a security integrated circuit (IC). In this situation, the protection mechanisms of the hardware prevent unauthorized access to key material or authentication data. Verification of the authenticity of items is accomplished by active protocols between the verifier and the item to be tested.
  • the components implement a challenge-response protocol: the host (verifier) sends a randomly chosen challenge to the security device.
  • the security device computes a message authentication code (for example using a keyed hash function) depending on the challenge and the secret key stored in the device and sends the authentication data back to the host. If the security device uses symmetric key management, the host knows the secret key, repeats the computation, and compares the two results. If the results are equal then the device has proven knowledge of its secret key and will be considered authentic. Almost all available low-cost security devices for anti-counterfeiting follow this design approach.
  • Since the secret keys of all security devices to be verified have to be known to the host, special care has to be taken to protect the keys stored in the host. In most applications the host contains a special security device (for example a smart card) to protect the secret key.
  • Asymmetric key management has many benefits over the symmetric approach since there is no secret key information necessary in the host device. This allows the host side of the protocol to be implemented completely in software. This is especially advantageous for large decentralized applications in which an attacker can get access to and control of host devices. All practically relevant applications based on asymmetric key management derive their security from the assumed hardness of computing discrete logarithms in the group of points of some elliptic curve defined over finite fields of characteristic two. This specific mathematical structure offers the best ratio of cryptographic security versus length of the parameters and allows low-cost and small foot-print VLSI implementations with low power consumption.
  • Another aspect of authentication relates to the protection of data exchanged by devices, beyond the authentication of the devices themselves. Even if a set of devices has been authenticated, critical data sent or received by the devices can be vulnerable. For example, a non-authenticated device can intercept communications and tamper with data, which can go undetected even if the original devices were authenticated. Wireless devices, particularly those used in public spaces, can be especially vulnerable to such interceptions, often referred to as “man-in-the-middle” or “piggyback” attacks.
  • Existing solutions often use a session key, which is typically so long that decoding data quickly is difficult or impossible. Further, session keys known only to the parties exchanging information need to be established, with the keys and the process(es) for establishing them kept secure.
  • Embodiments relate to systems and methods for authenticating devices and securing data.
  • a method for the authentication of data and/or devices comprises reading data from a slave device by a host device; generating a challenge by the host device; transmitting the challenge from the host device to the slave device; generating a slave-side session key by the slave device from the challenge and a secret authentication key stored in the slave device; generating, by the slave device and dependent upon the slave-side session key, authentication data for the read data; transmitting the authentication data from the slave device to the host device; determining a host-side session key by the host device using a public authentication key known by the host device, the public and secret authentication keys forming an authentication key pair; and using, by the host device, the host-side session key and the authentication data to verify an authenticity of the read data and the slave device.
  • a method for the authentication of data and/or devices comprises implementing a challenge-response protocol between a first device and a second device; determining a session key known to both the first and second devices as part of the implementing; and authenticating the first device to the second device while authenticating data read from the first device to the second device utilizing the session key.
  • a system for the authentication of data and/or devices comprises a first device comprising an authentication integrated circuit (IC) including a secret authentication key; and a second device comprising a public authentication key, the second device configured to authenticate the first device and data read from the first device by establishing a session key as part of a challenge-response protocol between the first and second devices that utilizes the secret authentication key and the public authentication key.
  • an integrated circuit (IC) adapted to be embedded in a first device comprises a memory comprising data and a private authentication key; and a communication interface configured to communicate with a second device comprising a public authentication key using an asymmetric cryptographic technique to authenticate both the first device and the data to the second device.
  • FIGS. 1A-1C are block diagrams of piggybacking schemes.
  • FIG. 2 is a block diagram of a system according to an embodiment.
  • FIG. 3 is a flowchart of a method according to an embodiment.
  • Embodiments relate to systems and methods for authenticating devices and securing data.
  • a session key for securing data between two devices can be derived as a byproduct of a challenge-response protocol for authenticating one or both of the devices.
  • the protocol can utilize elliptic curve asymmetric authentication in one embodiment.
  • the scalar multiplication k*P is defined where k is an integer and P a point of E. Then k*P denotes the k-fold addition of P.
  • a piggyback attack is an attack scenario that does not attack the authentication between devices per se but rather that circumvents the protection intended by the authentication device by intercepting, controlling and/or altering the communication(s).
  • Many business models rely on the usage of authorized replacement parts, consumables that record usage information, and/or lifetime counters to prevent use of counterfeit accessories, unauthorized refills, and/or longer use of an accessory or consumable than is safe or intended.
  • An example that will be used herein throughout is that of a medical device with an accessory, for example a medical pump to deliver a fluid medication to a patient and which tracks a level of the medication in a medication cassette, though this is not in any way to be considered a limiting example or exclusive embodiment.
  • a host device 102 and a slave device 104 are configured to exchange communications.
  • an unauthorized piggyback device 106 intercepts, controls and/or otherwise alters communications between host 102 and slave device 104.
  • the communications can be wired or wireless.
  • piggyback device 106 can let only the communications necessary for authentication of slave device 104 to host device 102 via an authentication integrated circuit (IC) 108 pass (FIG. 1B) before assuming control of communications (FIG. 1C).
  • piggyback device 106 can intercept the write data and store the data in its own memory.
  • piggyback device 106 can intercept the communication and instead provide data from its own memory, thereby providing host device 102 with expected data to not trigger any suspicion.
  • piggyback device 106 can mask refilling of the cassette. This can be a commonly attempted practice that is generally undesired by physicians and other medical professionals, and/or pharmaceutical companies and medication cassette manufacturers. Once the cassette is authenticated to the medical device, there is no further authentication of the data exchanged between the devices.
  • Embodiments discussed herein therefore aim to prevent such piggybacking, in part by providing both device and data authentication at the same time.
  • this is accomplished by authenticating the device and data in a communication and using a session key derived from the communication, and known to both host and slave devices but not transmitted and therefore not vulnerable to piggybacking, to authenticate data in subsequent communications until the session key needs to be refreshed.
  • System 200 comprises a host device 202 and slave device 204.
  • Host device 202 can comprise a mobile phone; personal digital assistant (PDA); camera; MP3 player, gaming system, audio and/or video system, or other entertainment device; computer, computer system, network or computing device; copy machine, scanner, all-in-one or other digital imaging or reproduction device; medical device or equipment or diagnostic supply; automobile or automotive system; industrial system; or some other electronic or computer device.
  • Slave device 204 can comprise a battery; an accessory, including earphones, a headset, speakers, a docking station, a game controller, a charger, a microphone and others; a toner cassette, magazine, chamber or similar holder; a computer or computer system component, network device, peripheral, USB or other storage device; automotive part, component or accessory; industrial component or part; or some other part, accessory or component, and for which authentication is required or desired.
  • slave device 204 is a replacement component, such as an aftermarket accessory or battery, though slave device 204 can also be an original part.
  • Slave device 204 can be provided by the same manufacturer or provider as host device 202, or by some other party, such as an authorized manufacturer and/or distributor of replacement and aftermarket parts and accessories. While slave device 204 is depicted as being external to host device 202, slave device 204 can operate within or as part of host device 202 in embodiments.
  • an embodiment referred to herein throughout is that of a medical device and medication cassette, in which the medication cassette operates within the medical device.
  • host device 202 can comprise a mobile telephone and slave device 204 a wireless earpiece or other accessory operating with but outside of the phone. Neither example, however, is limiting.
  • Slave device 204 includes an authentication IC 208.
  • Authentication IC 208 comprises a semiconductor chip in an embodiment and includes memory 210.
  • the functionality and features of authentication IC 208 are realized as one or more system-on-chip components of slave device 204 to achieve cost or size savings.
  • slave 204 can comprise a BLUETOOTH headset, which often is of small size and therefore may not be able to accommodate an additional IC 208. Instead, the features and functionality are integrated on an existing chip in the headset, saving space and possibly also costs.
  • a manufacturer of the headset or other device comprising slave 204 can be provided with, for example, a VHDL netlist for integration into an existing controller or processor of the headset or other device in place of a discrete authentication IC 208, with little or no change in the features, functions and security thereby provided.
  • Memory 210 is non-volatile memory in an embodiment.
  • Memory 210 can hold a private or secret authentication key (SAK) 214, described in more detail below, as well as data 216.
  • data 216 is transformable and protectable from manipulation, such as by piggybacking, by the authentication systems and methodologies discussed herein.
  • data 216 can comprise a unidirectional counter that only increments or only decrements, as can be the case when slave device 204 comprises a consumable like a medical cassette and host 202 is a medical device controlling the counter to a maximum or zero, respectively.
  • host device 202 holds a public authentication key (PAK) 212
  • authentication IC 208 holds SAK 214 as well as data 216 to be cryptographically authenticated.
  • PAK 212 and SAK 214 form an authentication key pair.
  • host device 202 reads data 216 from slave device 204 in a first communication at 302. Communications between host 202 and slave 204 can be wired or wireless in embodiments.
  • host device 202 selects a random value and generates a challenge from it.
  • the challenge, x_A, is the affine x-coordinate of a point A on the curve, where A is the scalar multiple of the base point P of the curve (represented by its affine x-coordinate x_P) with the chosen random value.
  • the challenge can be generated from the random number as well as additional data.
  • Upon receipt of the challenge, authentication IC 208 generates a slave-side session key (SK) at 308.
  • authentication IC 208 determines the projective coordinates X_B and Z_B by a scalar multiplication of the challenge A, represented by x_A, with SAK 214. Authentication IC 208 then selects a number of bits, of length L, from one of the coordinates to form the slave-side session key (SK).
  • coordinate X_B will be used, but in other embodiments Z_B can be used instead.
  • the number of bits and therefore the integer L can also vary in embodiments.
  • Slave-side session key SK is then written into a register or memory 210 in authentication IC 208 for subsequent data authentications.
  • Slave-side session key SK being a key associated with a session, is regenerated for each authentication procedure in embodiments.
  • authentication IC 208 executes a message authentication code (MAC) algorithm or fingerprint for slave device 204 and the data, and sends the MAC and the projective coordinate Z_B (or X_B in embodiments in which Z_B was used as the source of the slave-side session key SK) to host device 202 in a third communication at 310.
  • the MAC functions as an authentication stamp of sorts that ensures data exchanged between host 202 and slave 204 is not manipulated.
  • Host device 202 determines a host-side session key (SK′) at 312 .
  • host 202 has calculated or then calculates the affine coordinate x_C of a point C on the curve by a multiplication of the chosen random value with the affine x-coordinate of public key 212.
  • Host device 202 then multiplies x_C with Z_B received from slave device 204 to determine the projective coordinate X_B.
  • Host device 202 next takes L bits from X_B to determine the host-side session key SK′ and writes host-side session key SK′ to memory 218, such as RAM, for use in subsequent data authentications.
  • host device 202 can then attempt, at 314, to authenticate the data previously read from slave device 204 at 302. This can be done by verifying that the MAC received from slave device 204 at 310 belongs to the data received from slave device 204 at 302.
  • for subsequent data authentications, host 202 need only write the data into memory 210, and the slave need only respond with the MAC of the data, calculated with the same SK. This continues for some period of time, after which SK and SK′ can be refreshed at 316 by running another device authentication, in order to protect SK and SK′ and maintain authentication.
  • the period of time can vary, as understood by those skilled in the art, such as according to the strength of the MAC or fingerprint function.
  • data 216 comprises a unidirectional counter that only increments or only decrements
  • the aforementioned authentication procedure can prevent piggybacking of the counter write.
  • host 202 can write a new value to the counter (data 216), and slave 204 can then respond with the MAC based on that write, which can be verified by host 202. Both the data and the direction of counter movement based on the write can be verified, or just the data, in embodiments, thereby preventing an overwriting attack.
  • a unidirectional counter can also be used as a countermeasure against manipulation of write data. For example, and returning to the medical device and medication cassette example, a medication cassette could be temporarily removed from a medical device to be used in another medical device. If a unidirectional counter property is installed and in use, any attack would be limited to manipulating data in a counter direction unfavorable to the attacker.
  • such authentication can be carried out for each write or update of data from host 202 to slave 204 by writing the data and reading the data back with the MAC to ensure it was written properly. In some embodiments, however, this can be too time-consuming. Therefore, it is also possible to authenticate the write or update of data only every other time or in some other interval that provides sufficient security for the application while operating in a sufficiently efficient manner.
  • slave device 204 can authenticate data sent to it by the host, in order to ensure that the data originated in the host.
  • slave 204 can authenticate host 202 , as host 202 authenticated slave 204 hereinabove.
  • the systems and methods address weaknesses and drawbacks of conventional solutions by determining a session key known to both sides as a byproduct of a challenge-response protocol implemented between the devices.
  • the challenge-response protocol is carried out according to an asymmetric encryption methodology, for example an elliptic curve cryptographic algorithm.
  • an RSA cryptographic algorithm or some other cryptographic algorithm is used.
  • Embodiments can also utilize public key infrastructures (PKI) and certificates.
  • a system comprises a first device comprising a secret authentication key and a public authentication key, forming an authentication key pair, and a certificate of the public authentication key digitally signed using a secret signing key of a PKI, and a second device comprising a public verification key forming a key pair with the secret signing key of the PKI to authenticate the certificate and the public authentication key read from the first device.
  • Embodiments provide secure authentication of accessories, batteries, parts and other objects at a lower cost suitable for price-sensitive applications. Additionally, embodiments provide device and data authentication simultaneously, preventing so-called man-in-the-middle and piggyback attacks and providing enhanced security through cost-effective authentication.
  • the medical device and medication cassette embodiment is but one example of a host and slave device system.
  • the particular coordinates and functions discussed herein above are also not limiting.
  • any suitable extraction function understood by those skilled in the art could be used to derive the session key, and particular coordinates used at various points could be replaced with other coordinates.
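The FIG. 3 flow described above (read data, challenge x_A, slave-side SK from SAK*A, MAC plus Z_B back, host-side SK′ from the random value and PAK, verify) together with the authenticated counter write, modelled in Python as an added example; this is not code from the patent or from Infineon. Assumptions: the prime curve secp256k1 with textbook affine arithmetic stands in for the characteristic-two curve the patent names; Z_B is modelled as a random blinding factor rather than the natural denominator of a projective ladder; the MAC is HMAC-SHA256 and L is 128; the names Slave, Host, authenticate, write_counter, demo and the scalar lam are mine.

```python
import hashlib
import hmac
import secrets

P = 2**256 - 2**32 - 977  # secp256k1 (public, well known); stands in for the patent's binary curve
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
L = 128  # number of session-key bits taken from X_B (assumed value)

def ec_add(p1, p2):
    """Affine addition on y^2 = x^3 + 7 over GF(P); None is the point at infinity."""
    if p1 is None or p2 is None:
        return p2 if p1 is None else p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if p1 == p2:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P

def ec_mul(k, pt):
    """Textbook double-and-add k*pt (not side-channel hardened; fine for a model)."""
    acc = None
    while k:
        if k & 1:
            acc = ec_add(acc, pt)
        pt = ec_add(pt, pt)
        k >>= 1
    return acc

def lift_x(x):
    """Curve point with x-coordinate x (P = 3 mod 4). Either y works: x(k*Q) == x(k*(-Q))."""
    return x, pow((x**3 + 7) % P, (P + 1) // 4, P)

def session_key(x_b_proj):
    """Extraction function: the low L bits of the projective coordinate X_B."""
    return (x_b_proj & ((1 << L) - 1)).to_bytes(L // 8, "big")

def mac(sk, data):
    """The MAC 'stamp' over the data; HMAC-SHA256 is an assumed choice."""
    return hmac.new(sk, str(data).encode(), hashlib.sha256).digest()

class Slave:
    """Authentication IC 208: holds SAK 214 and data 216, a decrement-only counter."""
    def __init__(self, sak, counter):
        self.sak, self.data, self.sk = sak, counter, None

    def respond(self, x_a):
        """Slave-side SK from SAK*A; answer with the MAC of the data and Z_B."""
        x_b = ec_mul(self.sak, lift_x(x_a))[0]   # affine x of B = SAK * A
        z_b = secrets.randbelow(P - 1) + 1        # models the projective Z_B
        self.sk = session_key(x_b * z_b % P)      # X_B = x_B * Z_B
        return mac(self.sk, self.data), z_b

    def write(self, value):
        """A host write, acknowledged with the MAC of the new value under SK."""
        if value > self.data:
            raise ValueError("unidirectional counter: it may only decrement")
        self.data = value
        return mac(self.sk, self.data)

class Host:
    """Host device 202: holds only the public key PAK 212, no secret at all."""
    def __init__(self, pak):
        self.pak, self.lam, self.sk = pak, None, None

    def challenge(self):
        """Fresh random scalar lam; the challenge is x_A = x(lam * P)."""
        self.lam = secrets.randbelow(N - 1) + 1
        return ec_mul(self.lam, G)[0]

    def derive_sk(self, z_b):
        """x_C = x(lam * PAK) equals x_B, so X_B = x_C * Z_B yields the same SK."""
        self.sk = session_key(ec_mul(self.lam, self.pak)[0] * z_b % P)

def authenticate(host, slave, piggyback=None):
    """One run: read data, challenge, MAC + Z_B back, derive SK', verify the read.
    `piggyback`, if given, rewrites the data the host reads (device 106 in FIG. 1)."""
    data = slave.data if piggyback is None else piggyback(slave.data)
    tag, z_b = slave.respond(host.challenge())
    host.derive_sk(z_b)
    return hmac.compare_digest(mac(host.sk, data), tag)

def write_counter(host, slave, value, intercept=False):
    """Authenticated write under the established SK. With `intercept` the piggyback
    swallows the write and replays the last MAC it saw (here: MAC over the unchanged data)."""
    tag = mac(slave.sk, slave.data) if intercept else slave.write(value)
    return hmac.compare_digest(mac(host.sk, value), tag)

def demo():
    """Level 30 cassette: honest run, piggyback reporting a full cassette, honest
    decrement, blocked decrement -> (True, False, True, False)."""
    sak = secrets.randbelow(N - 1) + 1
    slave, host = Slave(sak, 30), Host(ec_mul(sak, G))
    return (authenticate(host, slave), authenticate(host, slave, lambda real: 100),
            write_counter(host, slave, 29), write_counter(host, slave, 28, True))
```

The two tampered runs are rejected because only x_A, Z_B and MACs cross the wire, so a piggyback never obtains SK and cannot produce a MAC over the data it substitutes.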

Abstract

Embodiments relate to systems and methods for authenticating devices and securing data. In embodiments, a session key for securing data between two devices can be derived as a byproduct of a challenge-response protocol for authenticating one or both of the devices.

Description

  • RELATED APPLICATION
  • This application is a continuation of U.S. application Ser. No. 13/029,789, entitled “SYSTEMS AND METHODS FOR DEVICE AND DATA AUTHENTICATION” and filed Feb. 17, 2011, which is incorporated herein by reference in its entirety.
  • TECHNICAL FIELD
  • The invention relates generally to authentication in electronic devices and more particularly to providing both device and data authentication at the same time.
  • BACKGROUND
  • Modern anti-counterfeiting techniques generally can be divided into two classes, namely methods that exploit specific physical properties related to the items to be protected and methods that are based on digital techniques. Typically, these latter methods rely on properties of cryptographic algorithms.
  • In the physical approach to anti-counterfeiting solutions, the properties to be verified are either features of the item itself (e.g. surface structure) or are technically connected to the item in an irremovable way. Examples include holograms, seals, security labels, water marks, micro marks, chemical marks, special papers and reproduction techniques, fluorescent colors, laser engravings, special coatings and paints, and many more. Methods for marking products or packages rely on special manufacturing steps or special materials that are not commonly available and require highly sophisticated technical production and handling capabilities. The general philosophy behind physical property-based anti-counterfeiting techniques is that there is a substantial and sufficiently large technological gap between the producer of the security mark and the attacker. It is the hope that an attacker trying to create counterfeit products does not have access to the necessary materials, or that cost and complexity of the process of creating forgeries would make the attack unattractive. The ongoing dissemination of knowledge about the technical details and machines for product marking, however, particularly in the age of the Internet, results in a permanent battle between legitimate manufacturer and counterfeiter.
  • Most physical anti-counterfeiting techniques need some special treatment of items or packages during the manufacturing process, and it is often difficult to verify the genuineness of the artificial marks in an automated way. For example, chemical marks have to be analyzed in a laboratory for their verification.
  • In contrast, cryptographic methods derive their security solely from the secrecy of key material and do not rely on the belief that the manufacturer is technologically superior to the attacker. The level of protection offered by a cryptographic scheme depends mainly on the length of the secret keys involved and can easily be scaled so that any straightforward attack becomes computationally infeasible. Authenticity of data is achieved with algorithms for the generation and verification of message authentication codes and digital signatures. These algorithms prevent the creation of valid authentication data for counterfeit products, but they cannot prevent the valid authentication data of genuine products from being copied or cloned. To provide security against counterfeiting, therefore, the authenticity of the item itself must be checked, which typically requires binding the authentication data to a physical object such as a smart card or a security integrated circuit (IC) whose hardware protection mechanisms prevent unauthorized access to the key material or authentication data. The authenticity of an item is then verified by an active protocol between the verifier and the item under test.
  • There exist conventional schemes using only data authentication and a database of all genuine products. These schemes establish an electronic pedigree of the products and offer protection from forgery because an attacker is not able to authenticate fake data on its own. But because genuine data can be copied easily, it is not possible to detect cloned products without on-line access to the background database of all products. Even if inconsistencies with entries in the database were detected, the scheme does not distinguish between genuine products and clones.
  • In the literature, many cryptographic techniques for data authentication have been published. These algorithms typically append additional information for authentication (authenticator, authentication data) to the original data. The authenticator is a function of the original data and a secret key. The authenticator assures that the original data has not been manipulated and that the data is genuine. The cryptographic mechanism guarantees that no attacker is able to compute a valid authenticator without knowledge of the secret key, even if he knows already many valid pairs of data and the corresponding authenticator. Moreover, the cryptographic scheme ensures that the attacker cannot extract the secret key from many valid pairs of data and adjoined authenticator. Interactive methods, e.g. challenge-response protocols, and non-interactive methods, e.g. message authentication codes (MAC) using symmetric key management and digital signature schemes using asymmetric key management, also exist.
  • Several semiconductor manufacturers currently offer security ICs for the detection of counterfeit products. There exist products for contactless verification based on radio frequency identification (RFID) and wired components. In one scheme, the components implement a challenge-response protocol: the host (verifier) sends a randomly chosen challenge to the security device. The security device in turn computes a message authentication code (for example using a keyed hash function) depending on the challenge and the secret key stored in the device and sends the authentication data back to the host. If the security device uses symmetric key management, the host knows the secret key, repeats the computation, and compares the two results. If the results are equal then the device has proven knowledge of its secret key and will be considered authentic. Almost all available low-cost security devices for anti-counterfeiting follow this design approach.
  • Since the secret keys of all security devices to be verified have to be known to the host, special care has to be taken to protect the keys stored in the host. In most applications the host contains a special security device (for example a smart card) to protect the secret key.
  • There also exist several security devices for anti-counterfeiting using asymmetric key management. In the literature, small VLSI (very large scale integration) devices for the computation of ECDSA (elliptic curve digital signature algorithm) signatures and devices implementing asymmetric challenge-response protocols have been described. A passive RFID tag using an asymmetric challenge-response protocol, for example, is available as a prototype, and the security IC ORIGA available from INFINEON TECHNOLOGIES AG can be used for applications with wired interface.
  • Asymmetric key management has many benefits over the symmetric approach, since no secret key information needs to be present in the host device. This allows the host side of the protocol to be implemented entirely in software, which is especially advantageous for large decentralized applications in which an attacker can get access to and control of host devices. The practically relevant asymmetric schemes for low-cost devices derive their security from the assumed hardness of computing discrete logarithms in the group of points of an elliptic curve defined over a finite field; the small hardware implementations discussed here commonly use fields of characteristic two. Elliptic curve groups offer the best known ratio of cryptographic security to parameter length and allow low-cost, small-footprint VLSI implementations with low power consumption.
  • Another aspect of authentication, however, is the protection of the data exchanged between devices, beyond the authentication of the devices themselves. Even after a set of devices has been authenticated, critical data they send or receive can be vulnerable: a non-authenticated device can intercept the communication and tamper with the data, and this can go undetected precisely because the original devices have already been authenticated. Wireless devices, particularly those used in public spaces, are especially exposed to such interception, often referred to as “man-in-the-middle” or “piggyback” attacks. Existing solutions typically protect the exchanged data with a session key long enough that recovering it by brute force is impractical. Such a session key, however, must be established so that it is known only to the communicating parties, and both the key and the process for establishing it must be kept secure.
  • Therefore, there is a need for improved authentication systems that address both device and data security.
  • SUMMARY
  • Embodiments relate to systems and methods for authenticating devices and securing data.
  • In an embodiment, a method for the authentication of data and/or devices comprises reading data from a slave device by a host device; generating a challenge by the host device; transmitting the challenge from the host device to the slave device; generating a slave-side session key by the slave device from the challenge and a secret authentication key stored in the slave device; generating, by the slave device and dependent upon the slave-side session key, authentication data for the read data; transmitting the authentication data from the slave device to the host device; determining a host-side session key by the host device using a public authentication key known by the host device, the public and secret authentication keys forming an authentication key pair; and using, by the host device, the host-side session key and the authentication data to verify an authenticity of the read data and the slave device.
  • In an embodiment, a method for the authentication of data and/or devices comprises implementing a challenge-response protocol between a first device and a second device; determining a session key known to both the first and second devices as part of the implementing; and authenticating the first device to the second device while authenticating data read from the first device to the second device utilizing the session key.
  • In an embodiment, a system for the authentication of data and/or devices comprises a first device comprising an authentication integrated circuit (IC) including a secret authentication key; and a second device comprising a public authentication key, the second device configured to authenticate the first device and data read from the first device by establishing a session key as part of a challenge-response protocol between the first and second devices that utilizes the secret authentication key and the public authentication key.
  • In an embodiment, an integrated circuit (IC) adapted to be embedded in a first device comprises a memory comprising data and a private authentication key; and a communication interface configured to communicate with a second device comprising a public authentication key using an asymmetric cryptographic technique to authenticate both the first device and the data to the second device.
  • BRIEF DESCRIPTION OF THE DRAWINGS
  • The invention may be more completely understood in consideration of the following detailed description of various embodiments of the invention in connection with the accompanying drawings, in which:
  • FIGS. 1A-1C are block diagrams of piggybacking schemes.
  • FIG. 2 is a block diagram of a system according to an embodiment.
  • FIG. 3 is a flowchart of a method according to an embodiment.
  • While the invention is amenable to various modifications and alternative forms, specifics thereof have been shown by way of example in the drawings and will be described in detail. It should be understood, however, that the intention is not to limit the invention to the particular embodiments described. On the contrary, the intention is to cover all modifications, equivalents, and alternatives falling within the spirit and scope of the invention as defined by the appended claims.
  • DETAILED DESCRIPTION
  • Embodiments relate to systems and methods for authenticating devices and securing data. In embodiments, a session key for securing data between two devices can be derived as a byproduct of a challenge-response protocol for authenticating one or both of the devices.
  • The protocol can utilize elliptic curve asymmetric authentication in one embodiment. An elliptic curve E over a finite field K is the set of solutions (x, y) in K×K of a cubic equation y^2 + a_1 x y + a_3 y = x^3 + a_2 x^2 + a_4 x + a_6 without singular points, where a_1, a_2, a_3, a_4 and a_6 are elements of the finite field K. Adding the point at infinity O as zero element, the points of the elliptic curve form a finite abelian group. The group law is defined by the algebraic fact that each line through two points P and Q of E intersects the curve in a third, not necessarily distinct, point R, and the sum P + Q + R = O is the zero element; equivalently, P + Q = -R. (If P = Q, the tangent line at P is used, and it intersects the curve in R.)
  • Analogously to vector spaces, the scalar multiplication k*P is defined, where k is an integer and P a point of E: k*P denotes the k-fold addition of P to itself. For cryptographically strong elliptic curves the scalar multiplication k*P = S is a one-way function, i.e. k*P can be computed in time polynomial in the length of the parameters, but given P and S only algorithms with exponential running time are known for recovering the scalar k (the elliptic curve discrete logarithm problem). This one-way function is the basis for the security of cryptographic protocols using elliptic curves.
  • While embodiments are directed to authentication and security generally and for any number of reasons appreciated by those skilled in the art, the prevention of so-called “man-in-the-middle” or “piggyback” attacks is one goal. A piggyback attack, for example, is an attack scenario that does not attack the authentication between devices per se but rather that circumvents the protection intended by the authentication device by intercepting, controlling and/or altering the communication(s). Many business models rely on the usage of authorized replacement parts, consumables that record usage information, and/or lifetime counters to prevent use of counterfeit accessories, unauthorized refills, and/or longer use of an accessory or consumable than is safe or intended. An example that will be used herein throughout is that of a medical device with an accessory, for example a medical pump to deliver a fluid medication to a patient and which tracks a level of the medication in a medication cassette, though this is not in any way to be considered a limiting example or exclusive embodiment.
  • Referring to FIG. 1, a host device 102 and a slave device 104 are configured to exchange communications. In FIG. 1A, an unauthorized piggyback device 106 intercepts, controls and/or otherwise alters communications between host 102 and slave device 104. The communications can be wired or wireless. Referring to FIGS. 1B and 1C, piggyback device 106 can let only communications necessary for authentication of slave device 104 to host device 102 via an authentication integrated circuit (IC) 108 pass (FIG. 1B) before assuming control of communications (FIG. 1C). If host device 102 attempts to write usage information to slave device 104 and/or increase or decrease a unidirectional counter, piggyback device 106 can intercept the write data and store the data in its own memory. If host device 102 wants to check write data, read back data or check a counter from slave device 104, piggyback device 106 can intercept the communication and instead provide data from its own memory, thereby providing host device 102 with expected data to not trigger any suspicion.
  • In the medical device (host device 102) and medication cassette (slave device 104) example, piggyback device 106 can mask refilling of the cassette. This can be a commonly attempted practice that is generally undesired by physicians and other medical professionals, and/or pharmaceutical companies and medication cassette manufacturers. Once the cassette is authenticated to the medical device, there is no further authentication of the data exchanged between the devices.
  • Embodiments discussed herein therefore aim to prevent such piggybacking, in part by providing both device and data authentication at the same time. In one embodiment, this is accomplished by authenticating the device and data in a communication and using a session key derived from the communication, and known to both host and slave devices but not transmitted and therefore not vulnerable to piggybacking, to authenticate data in subsequent communications until the session key needs to be refreshed.
  • Referring to FIG. 2, an authentication system 200 is depicted. System 200 comprises a host device 202 and slave device 204. Host device 202 can comprise a mobile phone; personal digital assistant (PDA); camera; MP3 player, gaming system, audio and/or video system, or other entertainment device; computer, computer system, network or computing device; copy machine, scanner, all-in-one or other digital imaging or reproduction device; medical device or equipment or diagnostic supply; automobile or automotive system; industrial system; or some other electronic or computer device. Slave device 204 can comprise a battery; an accessory, including earphones, a headset, speakers, a docking station, a game controller, a charger, a microphone and others; a toner cassette, magazine, chamber or similar holder; a computer or computer system component, network device, peripheral, USB or other storage device; automotive part, component or accessory; industrial component or part; or some other part, accessory or component, and for which authentication is required or desired.
  • In embodiments, slave device 204 is a replacement component, such as an aftermarket accessory or battery, though slave device 204 can also be an original part. Slave device 204 can be provided by the same manufacturer or provider as host device 202 or by some other party, such as an authorized manufacturer and/or distributor of replacement and aftermarket parts and accessories. While slave device 204 is depicted as being external to host device 202, slave device 204 can operate within or as part of host device in embodiments. For example, an embodiment referred to herein throughout is that of a medical device and medication cassette, in which the medication cassette operates within the medical device. In another embodiment, host device 202 can comprise a mobile telephone and slave device 204 a wireless earpiece or other accessory operating with but outside of the phone. Neither example, however, is limiting.
  • Slave device 204 includes an authentication IC 208. Authentication IC 208 comprises a semiconductor chip in an embodiment and includes memory 210. In an embodiment, the functionality and features of authentication IC 208 are realized as one or more system-on-chip components of slave device 204 to achieve cost or size savings. For example, slave 204 can comprise a BLUETOOTH headset, which often is of small size and therefore may not be able to accommodate an additional IC 208. Instead, the features and functionality are integrated on an existing chip in the headset, saving space and possibly also cost. In such an embodiment, a manufacturer of the headset or other device comprising slave 204 can be provided with, for example, a VHDL netlist for integration into an existing controller or processor of the headset or other device in place of a discrete authentication IC 208, with little or no change in the features, functions and security thereby provided.
  • Memory 210 is non-volatile memory in an embodiment. Memory 210 can hold a private or secret authentication key (SAK) 214, described in more detail below, as well as data 216. In embodiments, data 216 is transformable and protectable from manipulation, such as by piggybacking, by the authentication systems and methodologies discussed herein. For example, data 216 can comprise a unidirectional counter that only increments or only decrements, as can be the case when slave device 204 comprises a consumable like a medical cassette and host 202 is a medical device controlling the counter to a maximum or zero, respectively.
  • At the start of the authentication procedure, host device 202 holds a public authentication key (PAK) 212, and authentication IC 208 holds SAK 214 as well as data 216 to be cryptographically authenticated. PAK 212 and SAK 214 form an authentication key pair.
  • Referring also to FIG. 3, host device 202 reads data 216 from slave device 204 in a first communication at 302. Communications between host 202 and slave 204 can be wired or wireless in embodiments. At 304, host device 202 selects a random value λ and generates a challenge. In an embodiment the challenge x_A is the affine x-coordinate of the point A = λ*P, the scalar multiple of a base point P of the curve (represented by its affine x-coordinate x_P) with the chosen random value λ. In other embodiments the challenge can be generated from the random number together with additional data. At 306, the challenge A, represented by x_A, is transmitted from host 202 to slave 204 in a second communication.
  • Upon receipt of the challenge, authentication IC 208 generates a slave-side session key (SK) at 308. Generally, authentication IC 208 determines projective coordinates X_B and Z_B of a point B on the curve and then applies a function f to obtain SK = f(X_B, Z_B).
  • More particularly, in one embodiment, authentication IC 208 determines X_B and Z_B by a scalar multiplication of the challenge A, represented by x_A, with SAK 214, so that B = SAK*A has affine x-coordinate x_B = X_B/Z_B. Authentication IC 208 then selects a number of bits, of length L, from one of the coordinates to form the slave-side session key SK. In this example coordinate X_B is used, but in other embodiments Z_B can be used instead. The number of bits, and therefore the integer L, can also vary in embodiments.
  • Slave-side session key SK is then written into a register or memory 210 in authentication IC 208 for subsequent data authentications. Slave-side session key SK, being a key associated with a session, is regenerated for each authentication procedure in embodiments.
  • Next, authentication IC 208 applies a function g to the projective coordinates X_B and Z_B to obtain data w = g(X_B, Z_B), which is sufficient for host 202 to identify and recompute the particular projective representation of the point B used in slave 204.
  • More particularly, in one embodiment, authentication IC 208 computes a message authentication code (MAC) or fingerprint over the data using SK, and sends the MAC together with the projective coordinate Z_B (or X_B, in embodiments in which Z_B was the source of the slave-side session key) to host device 202 in a third communication at 310. Neither SK nor the coordinate from which it was taken is transmitted. The MAC serves as an authentication stamp that ensures data exchanged between host 202 and slave 204 is not manipulated.
  • Host device 202 then determines a host-side session key (SK') at 312. For example, host device 202 first calculates the affine x-coordinate x_C of the point C = λ*PAK on the curve by scalar multiplication of public key 212 (represented by its affine x-coordinate) with the chosen random value λ; x_C is the expected response value. Host device 202 then applies a function h to the expected response value x_C and the data w received from slave device 204, resulting in a host-side session key SK' = h(x_C, w). Because PAK = SAK*P, the points C = λ*(SAK*P) and B = SAK*(λ*P) coincide, so if the slave is genuine and the exchange has not been tampered with, SK = SK'.
  • More particularly, in one embodiment, host device 202 multiplies x_C with the coordinate Z_B received from slave device 204 to recover the projective coordinate X_B = x_C*Z_B. Host device 202 then takes L bits from X_B to form the host-side session key SK' and writes SK' to memory 218, such as RAM, for use in subsequent data authentications.
  • Using SK', host device 202 can then, at 314, attempt to authenticate the data it read from slave device 204 at 302, by verifying that the MAC received from slave device 204 at 310 is the correct MAC of that data under SK'. A correct MAC simultaneously proves that the slave knows SAK (device authentication) and that the data the host read is the data the slave holds (data authentication). A piggyback device that substituted the read data cannot produce a matching MAC, because computing X_B from x_A, Z_B and the public key alone would require solving the underlying elliptic curve problem.
  • In subsequent authentications of data between host 202 and slave 204 given that SK and corresponding SK′ have been determined, host 202 need only write the data into memory 210, and the slave need only respond with the MAC of the data, calculated with the same SK. This continues for some period of time, after which SK and SK′ can be refreshed at 316 by running another device authentication, in order to protect SK and SK′ and maintain authentication. The period of time can vary, as understood by those skilled in the art, such as according to the strength of the MAC or fingerprint function.
  • Returning to the aforementioned example in which data 216 comprises a unidirectional counter that only increments or only decrements, as can be the case when slave device 204 comprises a consumable such as a medication cassette and host 202 is a medical device controlling the counter to a maximum or zero, respectively, the aforementioned authentication procedure can prevent piggybacking of the counter write. In such an embodiment, host 202 can write a new value to the counter (data 216), and slave 204 can then respond with the MAC based on that write, which can be verified by the host 202. Both data and the direction of counter movement based on the write can be verified, or just the data, in embodiments, thereby preventing an overwriting attack.
  • A unidirectional counter can also be used as a countermeasure against manipulation of write data. For example, and returning to the medical device and medication cassette example, a medication cassette could be temporarily removed from a medical device to be used in another medical device. If a unidirectional counter property is installed and in use, any attack would be limited to manipulating data in a counter direction unfavorable to the attacker.
  • In embodiments, such authentication can be carried out for each write or update of data from host 202 to slave 204 by writing the data and reading the data back with the MAC to ensure it was written properly. In some embodiments, however, this can be too time-consuming. Therefore, it is also possible to authenticate the write or update of data only every other time or in some other interval that provides sufficient security for the application while operating in a sufficiently efficient manner.
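  • The following is an added example, not code from the patent or from Infineon, that runs the FIG. 3 exchange end to end in pure Python: key pair generation, the challenge x_A, the slave's randomised projective point (X_B : Z_B) and session key, the host's recomputation of X_B from x_C and Z_B, the MAC check at 314, and a later decrement-only counter write under the same session key, including what happens when a piggyback device substitutes the data the host read or replays an earlier MAC. It also implements the group law and scalar multiplication of the detailed description, so the same block serves both passages. Assumptions not in the original: the curve secp256k1 over a prime field (the patent names no curve and mentions binary fields), HMAC-SHA256 as the MAC or fingerprint function, L = 128 low-order bits of X_B as the extraction function f, a 4-byte counter encoding, and all function and variable names.

```python
# Added example (not the patent's or Infineon's code): FIG. 3, steps 302-316, plus the
# group law of the detailed description. Assumptions: secp256k1 (y^2 = x^3 + 7 over a
# prime field; the patent is curve-agnostic), HMAC-SHA256 as the MAC, L = 128 low-order
# bits of X_B as the session key, 4-byte counter values.
import hashlib
import hmac
import secrets

P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F  # field prime
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141  # group order
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)  # base point P
L = 128  # session-key length in bits (assumption)

def ec_add(p1, p2):
    """Group law on E in affine coordinates; None stands for the point at infinity O."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None                                    # P + (-P) = O
    if p1 == p2:
        lam = 3 * x1 * x1 * pow(2 * y1, P - 2, P) % P   # tangent line (P == Q)
    else:
        lam = (y2 - y1) * pow(x2 - x1, P - 2, P) % P    # chord through P and Q
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P              # P + Q = -R

def ec_mul(k, pt):
    """k*P by double-and-add: easy to compute, hard to invert (the ECDLP)."""
    acc = None
    while k:
        if k & 1:
            acc = ec_add(acc, pt)
        pt = ec_add(pt, pt)
        k >>= 1
    return acc

def lift_x(x):
    """A point with affine x-coordinate x (P % 4 == 3, so sqrt is one exponentiation).
    Either root serves: k*(x, -y) has the same x-coordinate as k*(x, y)."""
    rhs = (pow(x, 3, P) + 7) % P
    y = pow(rhs, (P + 1) // 4, P)
    if y * y % P != rhs:
        raise ValueError("challenge x-coordinate is not on the curve")
    return x, y

def extract_key(XB):
    """Function f of the text: L bits of the projective coordinate X_B."""
    return (XB & ((1 << L) - 1)).to_bytes(L // 8, "big")

def mac(sk, data):
    return hmac.new(sk, data, hashlib.sha256).digest()

def keygen():
    """Authentication key pair: SAK is a scalar, PAK = SAK * P."""
    sak = secrets.randbelow(N - 1) + 1
    return sak, ec_mul(sak, G)

def host_challenge():
    """Step 304: choose random lambda; challenge x_A = x(lambda * P)."""
    lam = secrets.randbelow(N - 1) + 1
    return lam, ec_mul(lam, G)[0]

def slave_respond(sak, xA, data):
    """Steps 308-310: B = SAK * A in a randomised projective form (X_B : Z_B) with
    X_B = x_B * Z_B; SK = f(X_B); reply (MAC(SK, data), Z_B). SK and X_B stay secret."""
    xB = ec_mul(sak, lift_x(xA))[0]
    ZB = secrets.randbelow(P - 1) + 1
    XB = xB * ZB % P
    sk = extract_key(XB)
    return sk, mac(sk, data), ZB

def host_session_key(lam, pak, ZB):
    """Step 312: x_C = x(lambda * PAK) = x_B, so X_B = x_C * Z_B and SK' = f(X_B)."""
    xC = ec_mul(lam, pak)[0]
    return extract_key(xC * ZB % P)

def run_session(slave_data, seen_by_host=None):
    """Steps 302-314. seen_by_host models a piggyback device substituting the bytes the
    host read at 302; the slave MACs the data it really holds. Returns (ok, SK, SK')."""
    sak, pak = keygen()
    lam, xA = host_challenge()
    sk, tag, ZB = slave_respond(sak, xA, slave_data)
    sk_prime = host_session_key(lam, pak, ZB)
    data = slave_data if seen_by_host is None else seen_by_host
    return hmac.compare_digest(mac(sk_prime, data), tag), sk, sk_prime

def write_check(sk, sk_prime, counter, new_value, reply_tag=None):
    """Later write under the established keys: the slave enforces a decrement-only
    counter and MACs what it stored; the host checks against what it meant to write.
    reply_tag models a piggyback device replaying an old MAC. Returns (ok, stored)."""
    stored = new_value if new_value < counter else counter
    tag = reply_tag if reply_tag is not None else mac(sk, stored.to_bytes(4, "big"))
    return hmac.compare_digest(mac(sk_prime, new_value.to_bytes(4, "big")), tag), stored
```

  • The only values an eavesdropper or piggyback device sees are x_A, Z_B and the MAC; obtaining X_B from them requires x_B = x(λ*SAK*P), i.e. solving the Diffie-Hellman problem on the curve, so neither SK nor a valid MAC for substituted data can be produced without SAK. Because the slave chooses Z_B at random, X_B and therefore SK differ even if the same challenge were repeated. Affine arithmetic is used here for readability; a production implementation would use a constant-time x-only ladder in the slave IC and refresh SK at an interval matched to the MAC strength, as the text notes at 316.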
  • In other embodiments, slave device 204 can authenticate data sent to it by the host, in order to ensure that the data originated in the host. In other words, slave 204 can authenticate host 202, as host 202 authenticated slave 204 hereinabove.
  • In embodiments, the systems and methods address weaknesses and drawbacks of conventional solutions by determining a session key known to both sides as a byproduct of a challenge-response protocol implemented between the devices. In embodiments, the challenge-response protocol is carried out using an asymmetric cryptographic method, for example an elliptic curve cryptographic algorithm. In another embodiment, an RSA cryptographic algorithm or some other cryptographic algorithm is used.
  • Embodiments can also utilize public key infrastructures (PKI) and certificates. For example, in an embodiment, a system comprises a first device comprising a secret authentication key and a public authentication key, forming an authentication key pair, and a certificate of the public authentication key digitally signed using a secret signing key of a PKI, and a second device comprising a public verification key forming a key pair with the secret signing key of the PKI to authenticate the certificate and the public authentication key read from the first device. Refer also to PKI and certificates such as are discussed in co-owned and co-pending U.S. patent application Ser. No. 12/582,362, entitled “SYSTEMS AND METHODS FOR ASYMMETRIC CRYPTOGRAPHIC ACCESSORY AUTHENTICATION,” filed on Oct. 20, 2009, and Ser. No. 12/645,062, entitled “SYSTEMS AND METHODS FOR CRYPTOGRAPHICALLY ENHANCED AUTOMATIC BLACKLIST MANAGEMENT AND ENFORCEMENT,” filed on Dec. 22, 2009, which are hereby incorporated by reference in their entireties.
  • Embodiments provide secure authentication of accessories, batteries, parts and other objects at a lower cost suitable for price-sensitive applications. Additionally, embodiments provide device and data authentication simultaneously, preventing so-called man-in-the-middle and piggyback attacks and providing enhanced security through cost-effective authentication.
  • Particular examples and embodiments discussed herein are not to be limiting and rather are used to illustrate broader beneficial concepts and ideas. For example, the medical device and medication cassette embodiment is but one example of a host and slave device system. Further, the particular coordinates and functions discussed herein above are also not limiting. For example, any suitable extraction function understood by those skilled in the art could be used to derive the session key, and particular coordinates used at various points could be replaced with other coordinates.
  • Various embodiments of systems, devices and methods have been described herein. These embodiments are given only by way of example and are not intended to limit the scope of the invention. It should be appreciated, moreover, that the various features of the embodiments that have been described may be combined in various ways to produce numerous additional embodiments. Moreover, while various materials, dimensions, shapes, implantation locations, etc. have been described for use with disclosed embodiments, others besides those disclosed may be utilized without exceeding the scope of the invention.
  • Persons of ordinary skill in the relevant arts will recognize that the invention may comprise fewer features than illustrated in any individual embodiment described above. The embodiments described herein are not meant to be an exhaustive presentation of the ways in which the various features of the invention may be combined. Accordingly, the embodiments are not mutually exclusive combinations of features; rather, the invention may comprise a combination of different individual features selected from different individual embodiments, as understood by persons of ordinary skill in the art.
  • Any incorporation by reference of documents above is limited such that no subject matter is incorporated that is contrary to the explicit disclosure herein. Any incorporation by reference of documents above is further limited such that no claims included in the documents are incorporated by reference herein. Any incorporation by reference of documents above is yet further limited such that any definitions provided in the documents are not incorporated by reference herein unless expressly included herein.
  • For purposes of interpreting the claims for the present invention, it is expressly intended that the provisions of Section 112, sixth paragraph of 35 U.S.C. are not to be invoked unless the specific terms “means for” or “step for” are recited in a claim.

Claims (25)

1. A method for the authentication of data and/or devices comprising:
reading data from a slave device by a host device;
generating a challenge by the host device;
transmitting the challenge from the host device to the slave device;
generating a slave-side session key by the slave device from the challenge and a secret authentication key stored in the slave device;
generating, by the slave device and dependent upon the slave-side session key, authentication data for the read data;
transmitting the authentication data from the slave device to the host device;
determining a host-side session key by the host device using a public authentication key known by the host device, the public and secret authentication keys forming an authentication key pair; and
using, by the host device, the host-side session key and the authentication data to verify an authenticity of the read data and the slave device.
2. The method of claim 1, wherein generating a challenge comprises selecting a random number, performing a scalar multiplication of the random number with a point on an elliptic curve and determining a coordinate of the point on the elliptic curve that results from the scalar multiplication.
3. The method of claim 2, wherein transmitting the challenge further comprises transmitting the coordinate of the point.
4. The method of claim 1, wherein generating a slave-side session key comprises carrying out a scalar multiplication of the secret authentication key with a point represented by the challenge to determine a result, and deriving the slave-side session key using the result.
5. The method of claim 4, wherein transmitting the authentication data comprises transmitting the authentication data and a coordinate of a point.
6. The method of claim 5, wherein determining the host-side session key comprises determining a coordinate using the public authentication key, and deriving the host-side session key from the coordinate and the coordinate transmitted from the slave.
7. The method of claim 1, further comprising storing the slave-side session key in a memory of the slave device.
8. The method of claim 1, wherein reading data comprises reading a counter value from the slave device.
9. The method of claim 8, wherein reading data comprises reading a unidirectional counter value from the slave device.
10. The method of claim 1, further comprising writing data to the slave device by the host device.
11. A method for the authentication of data and/or devices comprising:
implementing a challenge-response protocol between a first device and a second device;
determining a session key known to both the first and second devices as part of the implementing; and
authenticating the first device to the second device while authenticating data read from the first device to the second device utilizing the session key.
12. The method of claim 11, wherein determining a session key comprises determining a first instance of the session key by the first device, and determining a second instance of the session key by the second device.
13. The method of claim 11, wherein the first device and the second device are a pair selected from the group consisting of: a mobile phone and a battery; a mobile phone and a mobile phone accessory; a copy machine and toner cassette; a gaming unit and a gaming unit controller; an electronic device and a battery; an electronic device and an accessory; a computer device and an accessory; a computer device and a battery; a computer device and a peripheral device; a network and a networking device; a universal serial bus (USB) host device operably connected to a USB device through a USB hub; a media device and a battery; a media device and an accessory; an imaging device and an accessory; a medical device and a battery; a medical device and an accessory; a personal digital assistant (PDA) and a battery; a PDA and an accessory; an industrial system and an industrial system component; an automobile and an automotive accessory; and an automotive system and an automotive part.
14. The method of claim 11, further comprising storing a public authentication key in the second device, and storing a private authentication key in the first device.
15. The method of claim 11, further comprising authenticating the second device to the first device.
16. The method of claim 11, wherein implementing a challenge-response protocol comprises utilizing an asymmetric encryption method.
17. The method of claim 16, wherein utilizing an asymmetric encryption method comprises utilizing an elliptic curve cryptographic algorithm.
18. The method of claim 16, wherein utilizing an asymmetric encryption method comprises utilizing an RSA cryptographic algorithm.
19. A system for the authentication of data and/or devices comprising:
a first device comprising an authentication integrated circuit (IC) including a secret authentication key; and
a second device comprising a public authentication key, the second device configured to authenticate the first device and data read from the first device by establishing a session key as part of a challenge-response protocol between the first and second devices that utilizes the secret authentication key and the public authentication key.
20. The system of claim 19, wherein the public authentication key is associated with a public key infrastructure (PKI).
21. The system of claim 19, wherein the first device comprises a counter, and wherein the second device is configured to update the counter.
22. The system of claim 21, wherein the counter is unidirectional.
23. An integrated circuit (IC) adapted to be embedded in a first device, comprising:
a memory comprising data and a private authentication key; and
a communication interface configured to communicate with a second device comprising a public authentication key using an asymmetric cryptographic technique to authenticate both the first device and the data to the second device.
24. The IC of claim 23, wherein the data comprises a counter value.
25. The IC of claim 23, further comprising circuitry configured to generate a session key.
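The challenge-response of claims 1 to 9 worked through as an added example (not code from the patent or from Infineon): the host sends the x-coordinate of r*G, the slave multiplies that point by its secret key d and MACs the counter it was asked for with a key derived from the shared x-coordinate, and the host recomputes the same key from the public key Q = d*G, so one MAC check covers both the device and the data. Curve arithmetic is textbook affine NIST P-256 with no side-channel hardening; the secret key and counter value are constructed sample values.

```python
# Added example (not Infineon's or the patent's code): claims 1-9 on P-256 with
# textbook affine arithmetic (no side-channel hardening; illustration only).
import hashlib
import hmac
import secrets

P = 0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff
A = P - 3
B = 0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b
N = 0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551
G = (0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296,
     0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5)


def ec_add(p1, p2):
    """Affine group law on y^2 = x^3 + Ax + B; None is the point at infinity."""
    if p1 is None or p2 is None:
        return p1 or p2
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P


def ec_mul(k, point):
    """Double-and-add scalar multiplication (claims 2 and 4)."""
    result = None
    while k:
        if k & 1:
            result = ec_add(result, point)
        point = ec_add(point, point)
        k >>= 1
    return result


def lift_x(x):
    """Rebuild a point from the transmitted x-coordinate (claim 3). P = 3 mod 4, so
    the root is one exponentiation; either root works since x(d*R) == x(d*(-R))."""
    rhs = (pow(x, 3, P) + A * x + B) % P
    y = pow(rhs, (P + 1) // 4, P)
    if y * y % P != rhs:
        raise ValueError("challenge is not an x-coordinate on the curve")
    return x, y


def derive_session_key(shared_x):
    return hashlib.sha256(shared_x.to_bytes(32, "big")).digest()


def host_generate_challenge():
    """Claim 2: pick random r, send the x-coordinate of r*G as the challenge."""
    r = secrets.randbelow(N - 1) + 1
    return r, ec_mul(r, G)[0]


def slave_respond(secret_key, challenge_x, read_data):
    """Claim 4: slave-side key from x(d*R); authentication data = MAC over read data."""
    session_key = derive_session_key(ec_mul(secret_key, lift_x(challenge_x))[0])
    return hmac.new(session_key, read_data, hashlib.sha256).digest()


def host_verify(r, public_key, read_data, auth_data):
    """Host-side key from x(r*Q) == x(r*d*G); one check authenticates device and data."""
    session_key = derive_session_key(ec_mul(r, public_key)[0])
    expected = hmac.new(session_key, read_data, hashlib.sha256).digest()
    return hmac.compare_digest(expected, auth_data)


def run_protocol(secret_key, public_key, counter_value, tamper=False):
    """One full exchange; the data read is a counter (claim 8). tamper=True alters it in transit."""
    r, challenge_x = host_generate_challenge()
    data = counter_value.to_bytes(4, "big")
    auth_data = slave_respond(secret_key, challenge_x, data)
    if tamper:
        data = (counter_value + 1).to_bytes(4, "big")
    return host_verify(r, public_key, data, auth_data)
```

A slave that does not hold d, or a counter value modified between slave and host, both fail the same single check, which is the point of binding the data MAC to the challenge-derived session key.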
US13/185,825 2011-02-17 2011-07-19 Systems and methods for device and data authentication Active US8630411B2 (en)

Priority Applications (6)

Application Number Priority Date Filing Date Title
US13/185,825 US8630411B2 (en) 2011-02-17 2011-07-19 Systems and methods for device and data authentication
DE102012202420.4A DE102012202420B4 (en) 2011-02-17 2012-02-16 SYSTEMS AND METHOD FOR DEVICE AND DATA AUTHENTICATION
CN201210036275.1A CN102647276B (en) 2011-02-17 2012-02-17 For the system and method for equipment and data authentication
CN201510776517.4A CN105262595B (en) 2011-02-17 2012-02-17 System and method for equipment and data authentication
US14/152,298 US9407618B2 (en) 2011-02-17 2014-01-10 Systems and methods for device and data authentication
US14/152,227 US9450933B2 (en) 2011-02-17 2014-01-10 Systems and methods for device and data authentication

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US201113029789A 2011-02-17 2011-02-17
US13/185,825 US8630411B2 (en) 2011-02-17 2011-07-19 Systems and methods for device and data authentication

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
US201113029789A Continuation 2011-02-17 2011-02-17

Related Child Applications (2)

Application Number Title Priority Date Filing Date
US14/152,227 Division US9450933B2 (en) 2011-02-17 2014-01-10 Systems and methods for device and data authentication
US14/152,298 Continuation US9407618B2 (en) 2011-02-17 2014-01-10 Systems and methods for device and data authentication

Publications (2)

Publication Number Publication Date
US20120213361A1 true US20120213361A1 (en) 2012-08-23
US8630411B2 US8630411B2 (en) 2014-01-14

Family

ID=46605174

Family Applications (3)

Application Number Title Priority Date Filing Date
US13/185,825 Active US8630411B2 (en) 2011-02-17 2011-07-19 Systems and methods for device and data authentication
US14/152,298 Active US9407618B2 (en) 2011-02-17 2014-01-10 Systems and methods for device and data authentication
US14/152,227 Active US9450933B2 (en) 2011-02-17 2014-01-10 Systems and methods for device and data authentication

Family Applications After (2)

Application Number Title Priority Date Filing Date
US14/152,298 Active US9407618B2 (en) 2011-02-17 2014-01-10 Systems and methods for device and data authentication
US14/152,227 Active US9450933B2 (en) 2011-02-17 2014-01-10 Systems and methods for device and data authentication

Country Status (3)

Country Link
US (3) US8630411B2 (en)
CN (2) CN105262595B (en)
DE (1) DE102012202420B4 (en)

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20120011362A1 (en) * 2010-07-08 2012-01-12 Certicom Corp. System and Method for Performing Device Authentication Using Key Agreement
US20150113602A1 (en) * 2012-05-08 2015-04-23 Serentic Ltd. Method and system for authentication of communication and operation
US9137025B2 (en) 2011-05-06 2015-09-15 Certicom Corp. Managing data for authentication devices
US20150341345A1 (en) * 2012-05-25 2015-11-26 Kabushiki Kaisha Toshiba Security system
US9294287B2 (en) 2011-03-25 2016-03-22 Certicom Corp. Interrogating an authentication device
US9369290B2 (en) 2012-11-30 2016-06-14 Certicom Corp. Challenge-response authentication using a masked response value
US20170063853A1 (en) * 2015-07-10 2017-03-02 Infineon Technologies Ag Data cipher and decipher based on device and data authentication
US9727720B2 (en) 2012-11-30 2017-08-08 Certicom Corp. Challenge-response authentication using a masked response value
WO2018067865A1 (en) * 2016-10-06 2018-04-12 Cryptography Research, Inc. Generating an authentication result by using a secure base key
US10298406B1 (en) * 2015-05-29 2019-05-21 Silego Technology, Inc. Security integrated circuit
US11146397B2 (en) * 2017-10-31 2021-10-12 Micro Focus Llc Encoding abelian variety-based ciphertext with metadata
US11403386B2 (en) * 2018-08-31 2022-08-02 Bausch Health Ireland Limited Encrypted memory device

Families Citing this family (6)

Publication number Priority date Publication date Assignee Title
CN104393999B (en) * 2014-12-10 2017-12-12 暨南大学 Authentication method and system of a kind of main equipment to its slave
US9531531B2 (en) * 2015-05-06 2016-12-27 Qualcomm Incorporated Methods and devices for fixed execution flow multiplier recoding and scalar multiplication
US11070380B2 (en) 2015-10-02 2021-07-20 Samsung Electronics Co., Ltd. Authentication apparatus based on public key cryptosystem, mobile device having the same and authentication method
CN110612619A (en) * 2018-01-05 2019-12-24 深圳市大疆创新科技有限公司 Authentication method, device and storage medium for non-intelligent battery
CN110266547B (en) * 2019-07-02 2022-05-24 普联技术有限公司 Networking method and equipment
CN113742707B (en) * 2021-09-08 2023-12-08 深圳市精锋医疗科技股份有限公司 Authentication method, authentication device, and surgical robot

Citations (17)

Publication number Priority date Publication date Assignee Title
US6105027A (en) * 1997-03-10 2000-08-15 Internet Dynamics, Inc. Techniques for eliminating redundant access checking by access filters
US6285985B1 (en) * 1998-04-03 2001-09-04 Preview Systems, Inc. Advertising-subsidized and advertising-enabled software
US6356529B1 (en) * 1999-08-12 2002-03-12 Converse, Ltd. System and method for rapid wireless application protocol translation
US20020194476A1 (en) * 2001-06-19 2002-12-19 International Business Machines Corporation Method and apparatus for uniquely and authoritatively identifying tangible objects
US6664969B1 (en) * 1999-11-12 2003-12-16 Hewlett-Packard Development Company, L.P. Operating system independent method and apparatus for graphical remote access
US6678821B1 (en) * 2000-03-23 2004-01-13 E-Witness Inc. Method and system for restricting access to the private key of a user in a public key infrastructure
US20040243474A1 (en) * 2001-07-26 2004-12-02 Vu Tai Duc Method for paying for a service offered by means of a data network
US20050018841A1 (en) * 2001-08-20 2005-01-27 Marc Girault Method of producing a cryptographic unit for an asymmetric cryptography system using a discrete logarithm function
US6968453B2 (en) * 2001-01-17 2005-11-22 International Business Machines Corporation Secure integrated device with secure, dynamically-selectable capabilities
US20080165955A1 (en) * 2004-03-03 2008-07-10 Ibrahim Mohammad K Password protocols using xz-elliptic curve cryptography
US20090013381A1 (en) * 2005-01-28 2009-01-08 Telefonaktiebolaget Lm Ericsson (Publ) User Authentication and Authorisation in a Communications System
US20090019282A1 (en) * 2004-08-03 2009-01-15 David Arditti Anonymous authentication method based on an asymmetric cryptographic algorithm
US20090235073A1 (en) * 2006-09-29 2009-09-17 Michael Braun Authentication method and communications system used for authentication
US20100011218A1 (en) * 2005-03-08 2010-01-14 Texas Instruments Incorporated System and method for secure authentication of a "smart" battery by a host
US20100069086A1 (en) * 2008-09-17 2010-03-18 Sony Ericsson Mobile Communications Ab Mobile Terminals Providing Network-Based Location Data, and Methods and Computer Program Product for Operating the Same
US20100226495A1 (en) * 2007-10-29 2010-09-09 Michael Kelly Digital readout method and apparatus
US20110093714A1 (en) * 2009-10-20 2011-04-21 Infineon Technologies Ag Systems and methods for asymmetric cryptographic accessory authentication

Family Cites Families (37)

Publication number Priority date Publication date Assignee Title
US7243232B2 (en) 1995-04-21 2007-07-10 Certicom Corp. Key agreement and transport protocol
US6026293A (en) * 1996-09-05 2000-02-15 Ericsson Inc. System for preventing electronic memory tampering
DE19822795C2 (en) 1998-05-20 2000-04-06 Siemens Ag Method and arrangement for computer-aided exchange of cryptographic keys between a first computer unit and a second computer unit
US6816968B1 (en) 1998-07-10 2004-11-09 Silverbrook Research Pty Ltd Consumable authentication protocol and system
US6460138B1 (en) 1998-10-05 2002-10-01 Flashpoint Technology, Inc. User authentication for portable electronic devices using asymmetrical cryptography
EP1161716B1 (en) 1999-02-15 2013-11-27 Hewlett-Packard Development Company, L.P. Trusted computing platform
US20050052661A1 (en) 1999-06-30 2005-03-10 Paul Lapstun Cartridge with identifiers
US7047408B1 (en) 2000-03-17 2006-05-16 Lucent Technologies Inc. Secure mutual network authentication and key exchange protocol
US6871278B1 (en) 2000-07-06 2005-03-22 Lasercard Corporation Secure transactions with passive storage media
DE10111756A1 (en) 2001-03-12 2002-11-14 Infineon Technologies Ag Authentication procedure
US7039955B2 (en) 2001-09-14 2006-05-02 The Directv Group, Inc. Embedded blacklisting for digital broadcast system security
DE10161137B4 (en) 2001-12-12 2008-02-14 Siemens Ag Method and system for cryptographically processing data
DE10161138B4 (en) 2001-12-12 2008-02-14 Siemens Ag Method and apparatus for determining an elliptic curve, method and apparatus for multiplying a point by a scalar
US7373666B2 (en) 2002-07-01 2008-05-13 Microsoft Corporation Distributed threat management
GB0230200D0 (en) 2002-12-24 2003-02-05 Esselte Nv Validation of consumables
JP4126699B2 (en) 2003-11-05 2008-07-30 インターナショナル・ビジネス・マシーンズ・コーポレーション Content reproduction apparatus, information processing system, reproduction restriction method, content reproduction program, and recording medium for restricting content reproduction
JP4257235B2 (en) 2004-03-05 2009-04-22 株式会社東芝 Information processing apparatus and information processing method
US20050246763A1 (en) 2004-03-25 2005-11-03 National University Of Ireland Secure digital content reproduction using biometrically derived hybrid encryption techniques
US7399047B2 (en) 2004-04-29 2008-07-15 Hewlett-Packard Development Company, L.P. Consumable cartridge with theft deterrence features
US7801869B2 (en) 2004-12-22 2010-09-21 Certicom Corp. Partial revocation list
US7823214B2 (en) 2005-01-07 2010-10-26 Apple Inc. Accessory authentication for electronic devices
EP1710764A1 (en) 2005-04-07 2006-10-11 Sap Ag Authentication of products using identification tags
JP4436294B2 (en) 2005-08-26 2010-03-24 株式会社トリニティーセキュリティーシステムズ Authentication processing method, authentication processing program, recording medium, and authentication processing apparatus
EP1773018A1 (en) 2005-10-05 2007-04-11 Privasphere AG Method and devices for user authentication
DE102006002891B4 (en) 2006-01-20 2009-06-04 Siemens Ag Method, apparatus and system for verifying points determined on an elliptic curve
DE102006013515A1 (en) 2006-03-23 2007-10-04 Siemens Ag Cryptographic method with elliptic curves
DE102006014353B4 (en) 2006-03-28 2007-11-22 Siemens Ag Method for the reliable determination of data
US20080024268A1 (en) 2006-07-14 2008-01-31 Wong Hong W Component authentication for computer systems
DE102007001070B3 (en) 2006-09-29 2008-04-30 Siemens Ag Method for the encrypted data equalization of a system with at least one data carrier and one reading device
US8290162B2 (en) * 2006-12-15 2012-10-16 Qualcomm Incorporated Combinational combiner cryptographic method and apparatus
US8261091B2 (en) * 2006-12-21 2012-09-04 Spansion Llc Solid-state memory-based generation and handling of security authentication tokens
CN101281563A (en) * 2007-04-04 2008-10-08 李代甫 Digital signing apparatus with using counter
US7636806B2 (en) 2007-09-07 2009-12-22 Infineon Technologies Ag Electronic system and method for sending or receiving a signal
EP2065823A1 (en) * 2007-11-26 2009-06-03 BIOMETRY.com AG System and method for performing secure online transactions
CN101222772B (en) * 2008-01-23 2010-06-09 西安西电捷通无线网络通信有限公司 Wireless multi-hop network authentication access method based on ID
DE102009051201B4 (en) 2009-10-29 2012-12-20 Siemens Aktiengesellschaft Authentication and data integrity protection of a token
US8621212B2 (en) 2009-12-22 2013-12-31 Infineon Technologies Ag Systems and methods for cryptographically enhanced automatic blacklist management and enforcement

Patent Citations (18)

Publication number Priority date Publication date Assignee Title
US6105027A (en) * 1997-03-10 2000-08-15 Internet Dynamics, Inc. Techniques for eliminating redundant access checking by access filters
US6285985B1 (en) * 1998-04-03 2001-09-04 Preview Systems, Inc. Advertising-subsidized and advertising-enabled software
US6356529B1 (en) * 1999-08-12 2002-03-12 Converse, Ltd. System and method for rapid wireless application protocol translation
US6664969B1 (en) * 1999-11-12 2003-12-16 Hewlett-Packard Development Company, L.P. Operating system independent method and apparatus for graphical remote access
US6678821B1 (en) * 2000-03-23 2004-01-13 E-Witness Inc. Method and system for restricting access to the private key of a user in a public key infrastructure
US6968453B2 (en) * 2001-01-17 2005-11-22 International Business Machines Corporation Secure integrated device with secure, dynamically-selectable capabilities
US20020194476A1 (en) * 2001-06-19 2002-12-19 International Business Machines Corporation Method and apparatus for uniquely and authoritatively identifying tangible objects
US20060107060A1 (en) * 2001-06-19 2006-05-18 International Business Machines Corporation Cellular telephone device having authenticating capability
US20040243474A1 (en) * 2001-07-26 2004-12-02 Vu Tai Duc Method for paying for a service offered by means of a data network
US20050018841A1 (en) * 2001-08-20 2005-01-27 Marc Girault Method of producing a cryptographic unit for an asymmetric cryptography system using a discrete logarithm function
US20080165955A1 (en) * 2004-03-03 2008-07-10 Ibrahim Mohammad K Password protocols using xz-elliptic curve cryptography
US20090019282A1 (en) * 2004-08-03 2009-01-15 David Arditti Anonymous authentication method based on an asymmetric cryptographic algorithm
US20090013381A1 (en) * 2005-01-28 2009-01-08 Telefonaktiebolaget Lm Ericsson (Publ) User Authentication and Authorisation in a Communications System
US20100011218A1 (en) * 2005-03-08 2010-01-14 Texas Instruments Incorporated System and method for secure authentication of a "smart" battery by a host
US20090235073A1 (en) * 2006-09-29 2009-09-17 Michael Braun Authentication method and communications system used for authentication
US20100226495A1 (en) * 2007-10-29 2010-09-09 Michael Kelly Digital readout method and apparatus
US20100069086A1 (en) * 2008-09-17 2010-03-18 Sony Ericsson Mobile Communications Ab Mobile Terminals Providing Network-Based Location Data, and Methods and Computer Program Product for Operating the Same
US20110093714A1 (en) * 2009-10-20 2011-04-21 Infineon Technologies Ag Systems and methods for asymmetric cryptographic accessory authentication

Cited By (14)

Publication number Priority date Publication date Assignee Title
US20120011362A1 (en) * 2010-07-08 2012-01-12 Certicom Corp. System and Method for Performing Device Authentication Using Key Agreement
US8990564B2 (en) * 2010-07-08 2015-03-24 Certicom Corp. System and method for performing device authentication using key agreement
US9294287B2 (en) 2011-03-25 2016-03-22 Certicom Corp. Interrogating an authentication device
US9137025B2 (en) 2011-05-06 2015-09-15 Certicom Corp. Managing data for authentication devices
US20150113602A1 (en) * 2012-05-08 2015-04-23 Serentic Ltd. Method and system for authentication of communication and operation
US20150341345A1 (en) * 2012-05-25 2015-11-26 Kabushiki Kaisha Toshiba Security system
US9369290B2 (en) 2012-11-30 2016-06-14 Certicom Corp. Challenge-response authentication using a masked response value
US9727720B2 (en) 2012-11-30 2017-08-08 Certicom Corp. Challenge-response authentication using a masked response value
US10298406B1 (en) * 2015-05-29 2019-05-21 Silego Technology, Inc. Security integrated circuit
US20170063853A1 (en) * 2015-07-10 2017-03-02 Infineon Technologies Ag Data cipher and decipher based on device and data authentication
WO2018067865A1 (en) * 2016-10-06 2018-04-12 Cryptography Research, Inc. Generating an authentication result by using a secure base key
US11539535B2 (en) * 2016-10-06 2022-12-27 Cryptography Research, Inc. Generating an authentication result by using a secure base key
US11146397B2 (en) * 2017-10-31 2021-10-12 Micro Focus Llc Encoding abelian variety-based ciphertext with metadata
US11403386B2 (en) * 2018-08-31 2022-08-02 Bausch Health Ireland Limited Encrypted memory device

Also Published As

Publication number Publication date
CN102647276B (en) 2016-05-11
DE102012202420B4 (en) 2016-06-09
CN105262595A (en) 2016-01-20
CN105262595B (en) 2019-08-16
US20140129840A1 (en) 2014-05-08
US8630411B2 (en) 2014-01-14
US9450933B2 (en) 2016-09-20
US9407618B2 (en) 2016-08-02
CN102647276A (en) 2012-08-22
DE102012202420A1 (en) 2012-08-23
US20140129837A1 (en) 2014-05-08

Similar Documents

Publication Publication Date Title
US9450933B2 (en) Systems and methods for device and data authentication
US8595506B2 (en) Authentication system and method using electronic tags
US7664259B2 (en) Encryption and verification using partial public key
US8766778B2 (en) System and method for authenticating RFID tags
US9832018B2 (en) Method of generating a public key for an electronic device and electronic device
AU2017299473A1 (en) Secure channel establishment
CN109918888B (en) Anti-quantum certificate issuing method and issuing system based on public key pool
JP2007522739A (en) One-way authentication
JP2004013438A (en) Electronic value data communication method, communication system, ic card, and portable terminal
JP6069876B2 (en) IC chip authentication system
JP2014052588A (en) Information processor, information processing method, and computer program
CN112241527A (en) Key generation method and system and electronic equipment
JP2007288254A (en) Communication system, communication apparatus and method, and program
Eldefrawy et al. Banknote validation through an embedded RFID chip and an NFC-enabled smartphone
CN113779594B (en) Block chain-based data distribution sharing method and system
Zhang et al. An anti-counterfeiting RFID privacy protection protocol
CN111125782B (en) Method and system for verifying ID of unclonable chip
Väisänen et al. Security analysis and review of digital signature-based low-cost RFID tag authentication
US10630475B2 (en) Method for a pseudonymous key-agreement between a portable data carrier and a terminal
CN110838918B (en) Anti-quantum certificate issuing method and system based on public key pool and signature offset
JP2011171936A (en) Device and method for processing information, and authentication system
JP2001357358A (en) Ic card issue processing system

Legal Events

Date Code Title Description
AS Assignment

Owner name: INFINEON TECHNOLOGIES AG, GERMANY

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:LIM, CHEOW GUAN;SCHAECHER, STEPHAN;FISCHER, WIELAND;AND OTHERS;SIGNING DATES FROM 20110216 TO 20110217;REEL/FRAME:026789/0918

FEPP Fee payment procedure

Free format text: PAYOR NUMBER ASSIGNED (ORIGINAL EVENT CODE: ASPN); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

STCF Information on status: patent grant

Free format text: PATENTED CASE

CC Certificate of correction
FPAY Fee payment

Year of fee payment: 4

MAFP Maintenance fee payment

Free format text: PAYMENT OF MAINTENANCE FEE, 8TH YEAR, LARGE ENTITY (ORIGINAL EVENT CODE: M1552); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

Year of fee payment: 8